Description

The IncomingMailServers resource in Atlassian Jira before version 7.6.2 allows remote attackers to modify the "incoming mail" whitelist setting via a Cross-site request forgery (CSRF) vulnerability.

Remediation

References

CVE-2017-16862

Related Vulnerabilities

Oracle Application Server CVE-2008-3975 Vulnerability (CVE-2008-3975)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-7341)

WordPress Plugin Video Conferencing with Zoom Cross-Site Scripting (3.8.15)

MySQL CVE-2022-21334 Vulnerability (CVE-2022-21334)

SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-5026)

Severity

Medium

Classification

CVE-2017-16862 CWE-352

Tags

Missing Update Known Vulnerabilities